Private Cloud
& Security

MCG’s Private Cloud is built to mission-critical, high availability standards. In order to achieve and exceed our SLA uptime commitment of 99.99% to all customers, we have built highly redundant individual datacenter sites, and then increased overall redundancy by using our multiple sites in an active-active architecture rather than an active-passive approach. MCG is also unique in offering a SaaS environment for hosted customers opting for a Perpetual License.

MCG Energy is now in agency review on FedRAMP Marketplace, and in process for FedRAMP authorization. This further demonstrates our commitment to the highest levels of security and compliance.


To participate in the SaaS marketplace, vendors must be able to meet an ever expanding set of audit and regulatory requirements. Since we entered the SaaS marketplace, MCG Energy has rigorously pursued the implementation and maintenance of all audit standards needed by our customers. Now MCG Energy is preparing for FedRAMP authorization with United States Department of Energy sponsorship.

These are currently part of MCG Energy’s annual auditing program:

  • SOC 1
  • SOC 2
  • FISMA NIST SP 800-53 r4
  • External network penetration testing
  • Web/Application penetration testing

Audit reports are provided to our customers when available each year, and to prospective customers to review upon request. In addition to these annual reviews, FedRAMP requires ongoing monitoring and even stricter compliance as assurance for all customers, even those that do not yet require FedRAMP level security. Click below to learn more about the MCG Energy FedRAMP advantage.

sever data center tech

Private Cloud

MCG Energy maintains its own datacenters. While the majority of the SaaS marketplace employs third party infrastructure and hosting services, we control our own. This positions MCG Energy to meet the ever evolving security and compliance requirements of the power industry with no limitations imposed by a third-party provider for our customers’ Support and Maintenance. There’s no question of where to go for help. MCG handles it all.

MCG’s Private Cloud is NIST SP 800-53 r4 Mod Level complaint. Both our applications and hosting are currently maintained to FedRAMP standards and in review for FedRAMP authorization with United States Department of Energy sponsorship. Watch this website for updates.


MCG Energy’s infrastructure and applications are always maintained to the highest security standards in the marketplace. We manage our own datacenter infrastructure and security to ensure that we meet the requirements of compliance agencies and our customers. Our rigorous auditing employs many physical security and cybersecurity methods to protect our customers’ applications and data. 

The operational functionality of MCG applications and the security of the entire system landscape – including all data – are architected, engineered, and built to be highly effective and user-friendly as a hosted solution in MCG Energy’s NIST SP 800-53 r4 compliant Private Cloud. Our security controls and SOC and NIST auditing programs cover datacenter infrastructure and applications. Now MCG Energy is adding FedRAMP authorization to our security and compliance programs. This will make MCG Energy unique in having both our datacenter hosting facilities and our software packages FedRAMP authorized.

Many other providers will offer to put an application into the FedRAMP cloud facility of a hosting service like AWS or Azure. This is not enough as client agencies increasingly require the same level of FedRAMP security for the application itself. While competitors shift the responsibility for security to an external hosting provider, MCG Energy’s audit and authorization programs include our datacenters as well as our applications. Unlike other providers, there are no gaps or confusion when it comes to the security of our solutions.

sever data center tech